Risk: Medium
At the beginning of August, McAfee sent out a SecurityCenter 7.0 update to fix flaws discovered in its SecurityCenter software.
McAfee sent out a SecurityCenter 7.0 update to address the vulnerabilities, which could allow intruders to gain remote control of PCs systems if the user clicks on a link to a malicious website.
The flaws relate to SecurityCenter versions 4.3 to 6.0.22 and consumers who prefer to stay with these older versions should have received a security patch from McAfee. Enterprise versions of the software are not affected.
SecurityCenter is geared toward consumers and small businesses, so the level of defense is less than a corporate network.
eEye, the company that discovered the flaws, rates them as "highly critical," due to the potential of allowing remote execution of code. McAfee, however, rates the flaws as a "medium" threat, because it requires user intervention to take effect. Users should apply the McAfee patches; more information is available at:
http://ts.mcafeehelp.com/faq3.asp?docid=407052